Sherman's Security Blog
I am Sherman Hand. (also known as Policysup) I have created this blog and will use a part of my day to write about what is going on in the world. I hope to discuss things in a down to earth and practical way. I hope to hear back from you on your thoughts. I do not in any way intend to speak for my employer. The content of this blog will be either opinions that are strictly mine, general observations,re posts, or information that is already in the public domain.

A distributed denial-of-service (DDoS) group has claimed responsibility for a series of global outages to Xbox Live, Microsoft’s online gaming network for the Xbox console.

Recently, members of the group, which calls itself the New World Hackers, sat down with Newsweek to explain the motivation behind its alleged attacks.

“Well, didn’t even take as long as I thought,” a member of New World Hackers said. “We attacked Xbox to protest. Major companies like this have massive servers but no real protection. We want Xbox to update the protection they have, which isn’t much.”

Screenshot of Xbox Live Status page taken by Express.co.uk.

Earlier this week, Xbox users globally reported that they were having difficulty accessing some of the network’s services, including buying downloadable items, downloading already-purchased content, creating Xbox Live accounts, signing into those accounts, signing in, and browsing the Xbox Video Store and Xbox Music Store.

This is the second time Xbox Live has experienced an outage this month.

Microsoft has since confirmed the restoration of its network’s core services. As of this writing, all Xbox Live services are running normally.

The Redmond-based tech company has yet to disclose the cause of the outages.

At the beginning of the most recent service interruptions, the New World Hackers tweeted out that it had brought down Xbox Live for half of the United States and all of Europe.

This is not the only time the hacker group has claimed responsibility for an attack against a high-profile target. Back in January, the group allegedly used distributed denial-of-service (DDoS) attacks to bring down the websites of U.S. Republican presidential frontrunner Donald Trump and the BBC.

The group shared a screenshot of the latter offensive, which if legitimate reveals that it employed a tool called BangStresser to launch an attack of up to 602 Gbps – a volume of traffic that well-surpasses the largest attack on record at 334 Gbps, as documented by Arbor Networks in the middle of last year.

ZDNet has investigated this claim further. While attacks of that magnitude do pop up from time to time and are reported privately, no such attack has been recorded in months.